What does this AWS Solutions Implementation do?

This solution automates the operational processes that set up your AWS accounts in an efficient and consistent way, helping you to meet your business and production needs. Out-of-the-box, the supported processes include backup and patching services, but you can extend the solution by adding additional configuration steps.


Automate core operational processes

Leverage automated processes to install core operational capabilities including backup and patching in all AWS accounts.

Customize the operational services that are deployed

Edit a customizable configuration file to control and manage the operational services that is deployed to your AWS accounts.

Support for AWS Managed Services accounts

Implement in AWS Managed Services accounts and automate the creation of request for change forms.

AWS Solutions Implementation overview

The diagram below presents the architecture you can automatically deploy using the solution's implementation guide and accompanying AWS CloudFormation template.

Automated Account Configuration | Architecture Diagram
 Click to enlarge

Automated Account Configuration solution architecture

The AWS CloudFormation template deploys the following infrastructure:

  1. The main_orchestrator AWS Lambda function retrieves the AWS Identity and Access Management (IAM) role required to complete the account configuration deployment.
  2. This Lambda function then downloads the configuration file stored in the Amazon S3 bucket.
  3. The S3 bucket hosting the configuration file logs an event to a dedicated logging S3 bucket.
  4. After the configuration file is downloaded, the main_orchestrator Lambda function performs error checks on the inputs and the list of configuration steps. This Lambda function calls the appropriate AWS Step Functions workflow based on the change type defined in the configuration file.
  5. AWS Step Functions call the appropriate invocation Lambda function to run the resource creation process in the destination AWS account.
  6. The invocation Lambda function assumes the appropriate IAM role in the application AWS account containing the necessary permissions to create stacks.
  7. Based on the change type, AWS Step Functions may initiate a follow up status check by calling the status_check Lambda function on a schedule until the process completes.
  8. The status_check Lambda function returns the result of the job to AWS Step Functions once the job completes providing a status of the job.


Automated Account Configuration

Version 1.0.0
Released: 10/2021
Author: AWS

Estimated deployment time: 30 min

Estimated cost Source code  CloudFormation template 
Use the button below to subscribe to updates for this Solutions Implementation.
Note: To subscribe to RSS updates, you must have an RSS plug-in turned on for the browser you are using.
Did this Solutions Implementation help you?
Provide feedback 
Build icon
Deploy a Solution yourself

Browse our library of AWS Solutions Implementations to get answers to common architectural problems.

Learn more 
Find an APN partner
Find an APN Partner

Find AWS certified consulting and technology partners to help you get started.

Learn more 
Explore icon
Explore Solutions Consulting Offers

Browse our portfolio of Consulting Offers to get AWS-vetted help with solution deployment.

Learn more